U.S. patent application number 15/111096 was filed with the patent office on 2016-11-24 for methods and nodes supporting lawful intercept.
This patent application is currently assigned to TELEFONAKTIEBOLAGET LM ERICSSON (PUBL). The applicant listed for this patent is TELEFONAKTIEBOLAGET LM ERICSSON (PUBL). Invention is credited to Erik FRIMAN, Jari VIKBERG, Lars WESTBERG.
Application Number | 20160344774 15/111096 |
Document ID | / |
Family ID | 50112995 |
Filed Date | 2016-11-24 |
United States Patent
Application |
20160344774 |
Kind Code |
A1 |
WESTBERG; Lars ; et
al. |
November 24, 2016 |
METHODS AND NODES SUPPORTING LAWFUL INTERCEPT
Abstract
The following invention relates to methods and nodes for
performing Lawful Intercept, LI, when service related content is
stored in a Radio Access Network, RAN or a wireless User Equipment,
UE, where conventional LI techniques are not applicable or operable
when a user is activating and using a service application which
content is distributed to a RAN 160 or the UE 170. The described
and provided solution is an uplink LI notification functionality
comprising a main content functionality in a first node 130
co-operating through signalling with a distributed content
functionality of a node of a RAN and/or UE. The main content
functionality is implemented as a main content functionality means
132 in the first node. The distributed content functionality means
is implemented as distributed content functionality means 162, 172
in the RAN or the UE.
Inventors: |
WESTBERG; Lars; (Enkoping,
SE) ; FRIMAN; Erik; (Stockholm, SE) ; VIKBERG;
Jari; (Jarna, SE) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) |
Stockholm |
|
SE |
|
|
Assignee: |
TELEFONAKTIEBOLAGET LM ERICSSON
(PUBL)
Stockholm
SE
|
Family ID: |
50112995 |
Appl. No.: |
15/111096 |
Filed: |
January 15, 2014 |
PCT Filed: |
January 15, 2014 |
PCT NO: |
PCT/SE2014/050037 |
371 Date: |
July 12, 2016 |
Current U.S.
Class: |
1/1 |
Current CPC
Class: |
H04W 12/0017 20190101;
H04W 12/007 20190101; H04W 12/0013 20190101; H04L 63/08 20130101;
H04L 63/306 20130101 |
International
Class: |
H04L 29/06 20060101
H04L029/06 |
Claims
1. A method performed in a first node of a communication network,
said node being connected to a Lawful Interception, LI, system,
said method comprising: receiving from a Radio Access Network, RAN,
a LI notification message indicating that service related content,
pre-stored or cached in a storage in a wireless User Equipment, UE,
or the RAN, has been used by user equipment, UE; processing the LI
notification message for identifying the service related content;
sending the identified service related content to the LI system as
Content of Communication, CC, together with Intercept Related
Information, IRI.
2. The method according to claim 1, wherein the LI notification
message comprises content identification information of the service
related content or a copy of the service related content, and UE
identification information.
3. The method according to claim 1, wherein the LI notification
message comprises an authentication header and/or a secure
hash.
4. The method according to claim 1, wherein the receiving step
comprises: receiving the LI notification message via a secure link
separated from the regular transmission links.
5. A method for supporting Lawful Interception, LI, performed in a
Radio Access Network, RAN, the method comprises: receiving a
service alert message from a wireless user equipment, UE;
processing the service alert message; generating a LI notification
message by means of the service alert message; sending the LI
notification message towards an addressed first node of a
communications network.
6. The method according to claim 5, wherein the LI notification
message comprises content identification information of the service
related content or a copy of the service related content, and UE
identification information.
7. The method according to claim 6, wherein the LI notification
message comprises an authentication header and/or a secure
hash.
8. The method according to claim 5, wherein the sending of the LI
notification message step comprises: sending the LI notification
message via bearers associated with the UE.
9. The method according to claim 5, wherein the sending of the LI
notification message step comprises: sending the LI notification
message via a link separated from bearers associated with the
UE.
10. The method according to claim 5, wherein the service alert
message comprises information that a specified service related
content, cached or pre-stored in the sending wireless UE, is used
by the UE.
11. The method according to claim 5, wherein the service alert
message comprises a request for a specified service related content
cached or pre-stored in the RAN, the method further comprises:
sending the specified service related content to the requesting
wireless UE.
12. A method for supporting Lawful Interception, LI, performed in a
wireless user equipment, UE, the method comprises: generating a
service alert message, when a service related content is to be
used; sending the service alert message towards a Radio Access
Network, RAN.
13. The method according to claim 12, wherein the service alert
message comprises information that a specified service related
content, cached or pre-stored in the sending wireless UE, is to be
used by the UE.
14. The method according to claim 12, wherein the service alert
message comprises a request for a specified service related
content, cached or pre-stored in the RAN, the method further
comprises: receiving the specified service related content.
15. A method for supporting Lawful Interception, LI, performed in a
wireless user equipment, UE, which comprises service related
content, cached or pre-stored, the method comprises: generating a
LI notification message, when a service related content is to be
used; sending the LI notification message via a Radio Access
Network connected to a communication network comprising a first
node which is connected to a LI system.
16. The method according to claim 15, wherein the LI notification
message comprises content identification information of the service
related content or a copy of the service related content, and UE
identification information.
17. The method according claim 16, wherein the LI notification
message comprises an authentication header and/or a secure
hash.
18. A first node of a communication network, which node is
connected to a Lawful Interception, LI, system, said node
comprising a communication interface and a main content
functionality means adapted for receiving a LI notification
message, from a Radio Access Network, RAN, via the communication
interface, said LI notification message indicating that service
related content, pre-stored or cached in a storage in a wireless
User Equipment, UE, or the RAN, has been used by the UE, UE, said
main content functionality means is further adapted for processing
the LI notification message for identifying the service related
content; and for sending the identified service related content to
the LI system as Content of Communication, CC, together with
Intercept Related Information, IRI to the LI system.
19. The first node according to claim 18, wherein the main content
functionality means is configured to process LI notification
messages comprising content identification information of the
service related content or a copy of the service related content,
and UE identification information.
20. The first node according to claim 19, wherein the LI
notification message comprises an authentication header and/or a
secure hash.
21. The first node according to claim 18, wherein the main content
functionality means is adapted to receive and to process LI
notification messages via a secure link separated from the regular
transmission links in the communications network.
22. A node in a Radio Access Network, RAN, said node comprising a
distributed content means configured to support Lawful
Interception, LI, comprising a distributed content means which is
adapted to receive a service alert message from a wireless user
equipment, UE via an associated transceiver, wherein the
distributed content means further is adapted to process the service
alert message, to generate a LI notification message by means of
the service alert message, and to send the LI notification message
towards an addressed first node of a communications network via a
communication interface.
23. The node according to claim 22, wherein the distributed content
means is configured to generate LI notification messages comprising
content identification information of the service related content
or a copy of the service related content, and UE identification
information.
24. The node according to claim 22, wherein the distributed content
means is adapted to generate a LI notification message comprising
an authentication header and/or a secure hash.
25. The node according to claim 22, wherein the distributed content
means is adapted to send via the communication interface LI
notification messages via bearers associated with the UE.
26. The node according to claim 22, wherein the distributed content
means is adapted to send via the communication interface LI
notification messages via a link separated from bearers associated
with the UE.
27. The node according to claim 22, wherein the distributed content
means is adapted to process service alert messages comprising
information that a specified service related content, cached or
pre-stored in the sending wireless UE, is used by the UE.
28. The node according to claim 22, wherein the distributed content
means is adapted to process service alert messages comprising a
request for a specified service related content cached or
pre-stored in the RAN, the distributed content means is further
adapted to send via the transceiver the specified service related
content to the requesting wireless UE.
29. A wireless user equipment, UE, comprising a transceiver and a
distributed content means for supporting Lawful Interception, LI,
wherein the distributed content means is configured to generate a
service alert message, when a service related content is to be
used, the distributed content means is further adapted to send via
the transceiver the service alert message towards an access point
of a Radio Access Network.
30. The user equipment according to claim 29, wherein the
distributed content means is configured to generate service alert
messages comprising information that a specified service related
content, cached or pre-stored in the UE, is to be used by the
UE.
31. The user equipment according to claim 29, wherein the
distributed content means is configured to generate service alert
messages comprising a request for a specified service related
content, cached or pre-stored in the RAN, and the distributed
content means further is adapted to receive the specified service
related content via the transceiver.
32. A wireless user equipment, UE, comprising a transceiver and a
distributed content means for supporting Lawful Interception, LI,
wherein the distributed content means is configured to generate a
LI notification message, when a service related content, cached or
pre-stored in the UE, is to be used by the UE and to send the LI
notification message via the transceiver and a Radio Access Network
connected to a communication network comprising a first node which
is connected to the LI system.
33. The user equipment according to claim 32, wherein the
distributed content means is configured to generate LI notification
messages comprising content identification information of the
service related content or a copy of the service related content,
and UE identification information.
34. The user equipment according to claim 32, wherein the
distributed content means is configured to generate LI notification
messages comprising an authentication header and/or a secure hash.
Description
TECHNICAL FIELD
[0001] The present technology relates to a Lawful Interception in a
wireless communication network.
BACKGROUND
[0002] According to lawful interception (LI), all signalling and
data delivered to an end user under LI needs to be collected. One
condition under LI is that LI activity should not be able to be
detected by the end user under LI or other people.
[0003] One problem arises when data delivered to an end user or
used by the end user does not pass an intercept access point of a
LI system as nodes of a Radio Access Network (RAN) or the UE
normally do not contain any LI functionality.
[0004] FIG. 1 shows the 3GPP standardized interfaces for LI in the
packet domain.
[0005] FIG. 1 is a block diagram of an exemplary Lawful
Interception (LI) system 110 and network 10 according to prior art.
Said system and network comprises a number of entities. The
exemplary LI system comprises a Law Enforcement Management
Function, LEMF, 12 for requesting LI services of the LI system and
collecting the intercepted information of Intercepting Access
Points, IAPs, 20 in the system. The system shall provide access to
the intercepted Content of Communications, CC, and Intercept
Related Information, IRI, of a target and services related to the
target on behalf of one or more Law Enforcement Agencies, LEAs 80.
A target is a person of interest and/or user equipment possessed or
used by the person of interest being surveyed by the LEA. An
intercept request, also denoted Request for LI activation, is sent
through a first Handover Interface, HI1, located between the Law
Enforcement Management Function 12 and an Intercept Mediation and
Delivery Unit, IMDU, 14 comprising a Mediation Function, MF, 16 and
an Administration Function, ADMF, 18. Said Mediation Function 16
and Administration Function 18 generate based on said received
request a warrant comprising said one or more target identities,
and sends said warrant towards an Intercept Control Element, ICE,
in an Interception Access Point, IAP, 20 via an interface denoted
X1_1. The IAP 20 may be connected to a node of a network, e.g. the
Internet, a 3GMS (third generation Mobile Communications System),
an Evolved Packet System (EPS) etc, from which it intercepts said
Content of Communications and Intercept Related Information of a
mobile target. Said CC and IRI are network related data. As
reference to the standard model, see references [1], [2] and [3],
the content of communication is intercepted in the IAP network node
and it is based upon duplication of target communication payload
without modification. In reference [3], the interfaces HI1 and HI2
are specified in more detail. The IAP sends IRI raw data via an
interface X2 to a Delivery Function for IRI reporting, DF2, 22 and
a Mediation Function of IRI, MF2, 24 that generates and delivers to
a collection functionality a standardized IRI report based on the
received IRI report. Said standardized IRI report is sent over a
standardized interface HI2 to the LEMF 12. The IAP 20 also sends CC
raw data via an interface X3 to a Delivery Function for CC
reporting, DF3, 26 and a Mediation Function of IRI, MF3, 28 which
generates and delivers to a collection functionality a standardized
CC report based on the received CC report. Said standardized CC
report is sent over a standardized interface HI3 to the requesting
LEMF 12.
[0006] Together with the delivery functions it is used to hide from
the third generation (3G) Intercepting Access Point IAP entities
that there might be multiple activations by different Lawful
Enforcement Agencies on the same target.
[0007] The HI2 and HI3-interfaces represent the interfaces between
the LEA and two delivery functions. The delivery functions are
used: [0008] to distribute the Intercept Related Information (IRI)
to the relevant LEA(s) via HI2; [0009] to distribute the Content of
Communication (CC) to the relevant LEA(s) via HI3.
[0010] According to known internet access services, all the IP
streams related to a given target is intercepted and delivered as a
whole session data flow regardless any service used within an
interception session.
[0011] In the example in FIG. 1, the IAP 20 is connected to, or
contained within a user plane gateway, PGW, in a node 140 in a CN
115. The IAP may be connected to any type of user plane gateway,
e.g. SGW, PGW and GGSN. The same interfaces are also used for
control plane nodes like MME and HLR/HSS. Streams of content flow
through the user plane gateway in both directions to the UE and
from the UE. In one direction, content may come from any site
within the CN or any site 119 in a connected communications network
117, e.g. LAN, WLAN, WAN, RAN, etc. The flow passes the (S)Gi
interface connected to the user plane gateway. LI is therefore
possible to perform. The flow passes an interface S5 between the
PGW node 140 and a SGW node 150, and through an interface Si-U
between the SGW node 150 and a RAN/eNB 160 comprising one or more
radio base stations, e.g. eNB. The radio base station forwards the
content flow via the air interface LTE-Uu to the designated UE
170.
[0012] In the other direction, flow of packets comprising content
generated by the UE passes the same interfaces, nodes and gateways.
When passing the IAP entity, LI is performed.
[0013] The main problem to solve is to support LI functionality in
the case of content cached below the existing CN sites, either in
the RAN or in the UE. When, or if, the cached content is used by
the UE, the content do not pass a site comprising an IAP. Any LI is
therefore not possible.
SUMMARY
[0014] The problem to be solved is thus to support for LI also in
the cases when any content is returned to the UE below nodes that
normally perform LI. A method and embodiments thereof are provided,
which are performed in a first node of a communication network.
Said node being connected to a
[0015] Lawful Interception, LI, system. Said method comprises
receiving from a Radio Access Network, RAN, a LI notification
message indicating that service related content, pre-stored or
cached in a storage in a wireless User Equipment, UE, or the RAN,
has been used by a UE. The method further comprises the steps of
processing the LI notification message for identifying the service
related content, and sending the identified service related content
to the LI system as Content of Communication, CC, together with
Intercept Related Information, IRI.
[0016] Further, it is provided herein, a method and embodiments
thereof, which support Lawful Interception, LI, performed in a
Radio Access Network, RAN. The method comprises the steps of
receiving a service alert message from a wireless user equipment,
UE, processing the service alert message, generating a LI
notification message by means of the service alert message, and
sending the LI notification message towards an addressed first node
of a communications network.
[0017] Further, it is provided herein, a method and embodiments
thereof, which method supports Lawful Interception, LI, performed
in a wireless user equipment, UE. The method comprises the steps of
generating a service alert message, when a service related content
is to be used, and sending the service alert message towards a
Radio Access Network, RAN.
[0018] Additionally, a method and embodiments thereof are provided,
said method supports Lawful Interception, LI, performed in a
wireless user equipment, UE, which comprises service related
content, cached or pre-stored. The method comprises the steps of
generating a LI notification message, when a service related
content is to be used, and sending the LI notification message via
a Radio Access Network connected to a communication network
comprising a first node which is connected to a LI system.
[0019] According to another aspect for solving the problem, a first
node of a communication network and embodiments of the first node
are provided. The node is connected to a Lawful Interception, LI,
system. The node comprises a communication interface and a main
content functionality means adapted for receiving a LI notification
message from a Radio Access Network, RAN, via the communication
interface. Said LI notification message indicates that service
related content, pre-stored or cached in a storage in a wireless
User Equipment, UE, or the RAN, has been used by the UE. The main
content functionality means is further adapted for processing the
LI notification message for identifying the service related
content; and for sending the identified service related content to
the LI system as Content of Communication, CC, together with
Intercept Related Information, IRI to the LI system.
[0020] Further, it is provided herein a node of a Radio Access
Network, RAN, and embodiments of said node comprising a distributed
content means configured to support Lawful Interception, LI. The
node comprises a distributed content means which is adapted to
receive a service alert message from a wireless user equipment, UE
via an associated transceiver, wherein the distributed content
means further is adapted to process the service alert message, to
generate a LI notification message by means of the service alert
message, and to send the LI notification message towards an
addressed first node of a communications network via a
communication interface.
[0021] Further, it is provided herein a wireless user equipment,
UE, comprises a transceiver and a distributed content means for
supporting Lawful Interception, LI. The distributed content means
is configured to generate a service alert message, when service
related content is to be used. The distributed content means is
further adapted to send via the transceiver the service alert
message towards an access point of a Radio Access Network.
[0022] Additionally, it is provided herein, a wireless user
equipment, UE, comprising a transceiver and a distributed content
means for supporting Lawful Interception, LI, wherein the
distributed content means is configured to generate a LI
notification message, when a service related content, cached or
pre-stored in the UE, is to be used by the UE and to send the LI
notification message via the transceiver and a Radio Access Network
connected to a communication network comprising a first node which
is connected to the LI system.
BRIEF DESCRIPTION OF THE DRAWINGS
[0023] The foregoing, and other, objects, features and advantages
of the present technology will be more readily understood upon
reading the following detailed description in conjunction with the
drawings in which:
[0024] FIG. 1 is a block diagram of an exemplary Lawful
Interception (LI) system and network according to prior art;
[0025] FIG. 2 is a block diagram illustrating an embodiment of a
communications network comprising a core network connected to a LI
system;
[0026] FIG. 3 is a flowchart of an embodiment of a method for
enabling and supporting LI;
[0027] FIG. 4 is a flowchart illustrating an embodiment of a method
for supporting Lawful Interception in a Radio Access Network;
[0028] FIG. 5 is a flowchart of an embodiment of a method for
enabling and supporting LI when content used by the UE is stored in
the UE;
[0029] FIG. 6 is a flowchart of an embodiment of a method for
enabling and supporting LI when the service related content used by
the UE is stored in the wireless user equipment;
[0030] FIG. 7 is a block diagram illustrating embodiments of a main
content functionality means and a distributed content means in an
exemplary communications network;
[0031] FIG. 8 is a block diagram illustrating yet other embodiments
of a main content functionality means and a distributed content
means implemented in an exemplary communications network.
DETAILED DESCRIPTION
[0032] In the following description, for purposes of explanation
and not limitation, specific details are set forth, such as
particular circuits, circuit components, techniques, etc. in order
to provide a thorough understanding of the present invention.
However, it will be apparent to one skilled in the art that the
present technology may be practiced in other embodiments that
depart from these specific details. In other instances, detailed
descriptions of well-known methods, devices, and circuits are
omitted so as not to obscure the description of the present
technology with unnecessary detail.
[0033] The following disclosure describes a solution of the problem
to perform LI when service related content is stored in a RAN or UE
where conventional LI techniques are not applicable or operable
when a user is activating and using a service application which
content is distributed to a RAN or the UE. The described and
provided solution is an uplink LI notification functionality
comprising a main content functionality in a first node
co-operating through signalling with a distributed content
functionality of a node of a RAN and/or UE. The main content
functionality is implemented as a main content functionality means
132 in the first node 132. The distributed content functionality
means is implemented as distributed content functionality means,
dcm, or shortened "distributed content means", in the RAN as
RAN-based dcm 162, or the UE as UE-based dcm 172.
[0034] FIG. 2 is a block diagram illustrating an embodiment of a
communications network 100 comprising a core network 120 connected
to a LI system 110.
[0035] The LI system in the embodiment illustrated in FIG. 2 is
connected to a first node 130 wherein a main content functionality
means, mcmf, 132 is provided. The LI system 110 and the main
content functionality means in the first node 130 is communicating
via interfaces X1, X2 and X3. Said interfaces are described in the
background and FIG. 1. Thus, the IAP may be connected to a main
content functionality means within the first node 130.
[0036] In the example illustrated in FIG. 2, the core network 120
comprises nodes 140, 150 wherein user plane gateways are located.
An IAP of the LI system 110 may be connected to any type of user
plane gateway, e.g. SGW, PGW and GGSN. In FIG. 1, as an example,
the IAP of the LI system 110 is connected to a node 140 comprising
a user plane gateway PGW. The same interfaces are also used for
control plane nodes like MME and HLR/HSS.
[0037] In some embodiments, the main content functionality means is
located in a node 140, 150 comprising a user plane gateway, e.g.
SGW, PGW and GGSN, or a control plane nodes comprising e.g. MME
functionality or HLR/HSS functionality. Thus, the first node is the
node comprising the main content functionality means.
[0038] Streams of content flow through the CN in both
directions--to the UE and from the UE. In one direction, content
may come from any site in a LAN, WLAN, WAN, RAN, etc. The flow
passes the (S)Gi, i.e. SGi or Gi, interface connected to the user
plane gateway. LI is therefore possible to perform. The flow passes
an interface S5 between the PGW 140 and a SGW 150, and through an
interface S1-U between the SGW 150 and a RAN 160 comprising one or
more radio base stations, e.g. eNB. The radio base station forwards
the content flow via the air interface LTE-Uu to the designated UE
170.
[0039] Service related content is stored in a main content storage
135 in the first node. Distributed service related content is
stored in the RAN 160 in a RAN-based distributed content storage
165 or in a UE-based distributed content storage 175.
[0040] The service related content in the first node and the
service related content distributed to the RAN or UE may be
synchronized or not.
[0041] In the embodiments of FIGS. 2 to 9, the distributed content,
i.e. the service related content to be used by a UE, is cached
either in the RAN or in the UE. A User Equipment may be a wireless
device providing different services to a user, services like
telephony, Internet surfing, video streaming, software updating,
etc. When a user of a wireless user equipment activates any service
provided by the UE, the UE uses either cached/pre-stored data
related to said service, i.e. service related content or service
related data content, e.g. video content, software updates,
newspaper subscriptions, etc, or received service related data
stored in the RAN, or stored in a site and retrieved via e.g.
Internet. The users may use different wireless UE:s, e.g.
smartphones, mobile phones, cell phones, lap tops, etc.
[0042] The main content functionality means 132 and its associated
communication interface 138 may according to one embodiment be
adapted to receive and handle LI notification messages either via
regular transmission links in the communications network 120 or a
secure link 180 separated from the regular transmission links in
the communications network 120.
[0043] FIG. 3 is a flowchart of an embodiment of a method S100 for
enabling and supporting LI when service related content used by the
UE is stored in the RAN. The method is performed in a first node
130 of a communication network 120, said node being connected to a
Lawful Interception, LI, system 110. The method comprises a step
of:
[0044] S110:--Receiving from a Radio Access Network, RAN, a LI
notification message indicating that service related content,
pre-stored or cached in a storage in a wireless User Equipment, UE,
or the RAN, has been used by the UE, 170. The LI notification
message is generated in the RAN, see method S200 and FIG. 4 below,
or in the UE, which method S400 is presented further down with
reference to FIG. 6. In the case the LI notification message is
generated in the UE, said LI notification message is received in
the first node from the RAN in the meaning that the RAN forwards
the LI notification message generated in the UE. Thus, the LI
notification message is received in the first node from or via the
RAN.
[0045] According to some embodiments, the LI notification message
comprises content identification information of the service related
content and UE identification information. Optionally, the LI
notification message may comprise time when the service related
content was used.
[0046] It is desirable to identify a specific UE, or subscription,
so that the LI can be performed by the main content functionality
for the correct UE. UE identification information, or a UE
identifier, is preferably a so called permanent UE identity, such
as IMSI or MSISDN. This is a preferred option whenever any of these
identifiers is available. For example, the RNC in UTRAN and BSC in
GERAN are aware of the IMSI. In the LTE-case, the eNB doesn't hold
any permanent UE-identifiers. Another possibility would be to use
the UE IP-address of some of the PDN-connections that are
terminated in a (S)Gi-LAN. In this case, the main content
functionality means can initially receive information about
IP-address and IMSI/MSISDN relations from GGSN/P-GW using RADIUS
accounting principles. Then the IP-address can be used to identify
a specific UE. This has some practical limitations as the same
IP-address subnet may be reused between different PGWs, and even
between different APNs in one PGW. To make this solution feasible,
each PGW and APN may need to have a specific main content
functionality means.
[0047] Still another possibility would be to use any temporary UE
identifier available, e.g. in the eNB. Examples are the S-TMSI and
the S1AP UE identifiers.
[0048] Embodiments where the service related content are RAN-based
and UE-based can be implemented according to the above
principles.
[0049] Still another option in the case of the main content
functionality means being located in a PGW/GGSN is to use the EPC
bearers for the UE in question and adapt the LI notification
message to the PGW/GGSN technology for enabling for said entities
to identify the IL notification message and the related UE. Normal
LI-functionality may therefore be used together with the main
content functionality.
[0050] The content of the LI notification message can take
different forms. In the case, when the service related content in
the first node and the service related content distributed to the
RAN or UE are synchronized, it is sufficient to use a data pointer
in the LI notification message. The data pointer is acontent
identification information of the service related content. The main
content functionality means is adapted to use the data pointers to
identify which information that should be forwarded to the LI
system.
[0051] One advantage with the use of content identification
information, the data pointer, is that it is very hard to detect
that LI is being performed.
[0052] If the service related content in the first node and the
service related content distributed to the RAN or UE not are
synchronized, the whole content may be included in the LI
notification message. Thus, according to further embodiments the LI
notification message comprises a copy of the service related
content, UE identification information and, optionally, time when
the service related content was used.
[0053] According to yet a further embodiment of the method, the LI
notification message comprises an authentication header and/or a
secure hash. The authentication header and the secure hash ensure
that the correct notification is sent for the appropriate content.
It is of course possible to manipulate the notification message.
The idea with the hash is that one can create a hash that ensures
that the content and the notification message are not modified on
the path. The embodiment of the method also comprises a step
of:
[0054] S120:--Processing the LI notification message for
identifying the service related content. The received LI
notification message is processed in the first node for retrieving
the service related content used by a target. If the LI
notification message comprises content identification information
of the service related content and UE identification information,
said information is used for retrieving the corresponding content
from a storage, main content storage 135, in the first node 130 or
from a storage, main content storage 135, associated and/or
connectable from said first node 130. When the service related
content is identified and retrieved, the first node sends the
service related content, UE information and, optionally, time
information, when the content was used, to the LI system via the X2
and X3 interfaces.
[0055] If the LI notification message comprises a copy of the
service related content, UE identification information and,
optionally, time when the service related content was used, the
first node processes the received LI notification message and
identifies the received copy of the service related content in the
message. The first node then sends the service related content, UE
information and, optionally, time information, when the content was
used, to the LI system via the X2 and X3 interfaces.
[0056] The embodiment of the method also comprises a step of:
[0057] S130:--Sending the identified service related content to the
LI system as Content of Communication, CC, together with Intercept
Related Information, IRI.
[0058] According to another embodiment of the method, the receiving
step S110 is modified to involve: S112:--Receiving the LI
notification message via a secure link separated from the regular
transmission links. One advantage is that in this case the LI
notification message is not transported via the user plane gateways
and these nodes are revealed from processing of these messages. In
addition, it may be easier to keep the LI related communication
undetectable if it is included as part of some other communication
like Operations and Maintenance, O&M, related activities.
Finally, it is also easier to achieve protection of the LI related
communication when it uses existing security for existing
communication like the O&M. This technology has it positive
impact mainly on the RAN-side when sending the LI notification i.e.
either send it over S1-U (using UE related bearers) or via a
separate transmission link.
[0059] As mentioned in connection with S110, the LI notification
message may be generated in the RAN, e.g. in a node like a base
station, eNB, eNodeB, etc and sent to the first node.
[0060] The LI notification message can be transported using two
main principles: inband-signalling and outband-signalling.
[0061] The inband-signalling implies that the LI notification
message is transported using the EPC bearers for the UE in
question. One example is the case of distributed content in the
RAN, wherein the RAN injects user plane packets in GTP-U tunnels
for the specific UE. Regarding the case where a distributed content
means is in the UE, the main principle may be to also use user
plane packets, i.e. the distributed content in the UE sends normal
IP-packets towards the main content functionality means. The
outband-signalling means that the LI notification message is not
sent within any EPC bearers for the UE. Instead, the main content
functionality means is directly addressable from the distributed
content means in the RAN and the RAN sends the LI notification
message directly towards the main content functionality means. The
outband-signalling solution is not feasible for the case where
distributed content is located in the UE as an UE only has the
possibility to communicate over either user or control plane
towards the mobile network.
[0062] The main content functionality means may also need to be
addressable, e.g. in a (S)Gi plane it could have its own unique
IP-address. The configuration of this IP-address to the distributed
content means in the RAN and/or UE can be part of the configuration
of the software and it can also be dynamically retrieved, for
example using any DNS-based method.
[0063] FIG. 4 is a flowchart illustrating an embodiment of a method
S200 for supporting Lawful Interception in a Radio Access Network,
RAN. The embodiment comprises a step of:
[0064] S210:--Receiving a service alert message from a wireless
user equipment, UE.
[0065] When a target initiate the use of any service related
content, the target's UE is configured to generate a service alert
message by means of any software stored in the UE. The software
should not be modifiable by the end user, but it is part of the
whole service delivery mechanism. According to one embodiment, the
service alert message comprises information that a specified
service related content, cached or pre-stored in the sending
wireless UE, is used by the UE. This solution consists of UE cache
that is prefilled using any method. The prefilling can be based on
for example traditional unicasting mechanisms or it can be based on
multi- or broadcast of information. One example of the latter is
the usage of MBMS to prefill the UE cache simultaneously in
multiple UEs.
[0066] Alternatively, according to further one embodiment, the
service alert message comprises a request for a specified service
related content cached or pre-stored in the RAN. The generation of
a service alert message is further described hereafter, see method
S300 and FIG. 5 below.
[0067] The embodiment further comprises a step of:
[0068] S220:--Processing the service alert message. The received
message is processed to retrieve information about the service
related content that is used by the UE. Said information is used
for generating the LI notification message.
[0069] The embodiment further comprises a step of:
[0070] S230:--Generating a LI notification message by means of the
service alert message.
[0071] As already specified above, different embodiments are
provided. According to one embodiment of the method, the LI
notification message comprises content identification information
of the service related content, UE identification information.
Optionally, the LI notification message may comprise time when the
service related content was used. According to further embodiments,
the LI notification message comprises a copy of the service related
content, UE identification information and, optionally, time when
the service related content was used. According to further
embodiments, the LI notification message comprises an
authentication header and/or a secure hash.
[0072] The embodiment further comprises a step of:
[0073] S240:--Sending the LI notification message towards an
addressed first node of a communications network.
[0074] The sending of the LI notification message, step S230, may
involve either inband-signalling or outband-signalling as described
above. According to one embodiment of the method, the sending of
the LI notification message, step S230, may therefore involve:
[0075] S242A:--Sending the LI notification message via bearers
associated with the UE. This is the inband-signalling.
[0076] According to one alternative embodiment of the method, the
sending of the LI notification message step S230 may comprise:
[0077] S242B:--Sending the LI notification message via a link
separated from bearers associated with the UE. This is the
outband-signalling.
[0078] According to one alternative embodiment of the method S200,
the method may further comprise:
[0079] S250:--Sending the specified service related content to the
requesting wireless UE. If the service alert message comprises a
request for a specified service related content cached or
pre-stored in the RAN, then the RAN is adapted to send the
specified service related content to the requesting wireless UE
which sent the service alert message.
[0080] When a target initiates the use of any service related
content, the target's UE is configured to generate a service alert
message by means of any software stored in the UE.
[0081] FIG. 5 is a flowchart of an embodiment of a method S300 for
enabling and supporting LI when content is used by the UE, which
content may be stored in the RAN.
[0082] The embodiment comprises:
[0083] S310:--Generating a service alert message, when a service
related content is to be used. According to one embodiment, the
service alert message may comprise information that a specified
service related content, cached or pre-stored in the wireless UE,
is to be used or has been used by the UE. Alternatively, the
service alert message comprises a request for a specified service
related content, cached or pre-stored in the RAN to be sent to the
UE.
[0084] The embodiment further comprises:
[0085] S320:--Sending the service alert message towards a Radio
Access Network, RAN. The service alert message is received by the
RAN and processed in accordance with the above described method
S200 and embodiments thereof, see FIG. 4.
[0086] Alternatively, if the service alert message comprises a
request for a specified service related content, cached or
pre-stored in the RAN, the embodiment may further comprise:
[0087] S330:--receiving the specified service related content.
[0088] FIG. 6 is a flowchart of an embodiment of a method for
enabling and supporting LI when the service related content used by
the wireless UE is stored in the wireless UE. The embodiment of the
method for supporting Lawful Interception comprises a step of:
[0089] S410:--Generating a LI notification message, when service
related content is to be used. This step involves also the
generation of a message when service related content has been used.
According to one embodiment, the LI notification message may
comprise content identification information of the service related
content, UE identification information. Optionally, the LI
notification message may comprise time when the service related
content was used. Alternatively, the LI notification message
comprises a copy of the service related content, UE identification
information and, optionally, time when the service related content
was used.
[0090] According to some of the embodiment, the LI notification
message comprises an authentication header and/or a secure
hash.
[0091] The embodiment of the method for supporting Lawful
Interception comprises further a step of:
[0092] S420:--Sending the LI notification message via a Radio
Access Network connected to a communication network comprising a
first node which is connected to the LI system. The LI notification
message is sent to the Radio Access Network, RAN, 120 and the RAN
is further adapted to forward the message to a first node 130 in
the communication network, which node is connected to the LI system
110.
[0093] The activation of the LI notification functionality may be
performed in different ways.
[0094] One principle to use for activation of LI notification
functionality is that an activation or deactivation command is sent
for all UEs. In this case, LI notification is an internal part of
the distributed content functionality and there is no special need
for a separate activation on UE basis, e.g. for UEs that are under
LI.
[0095] Another possibility is that the main content functionality
in the first node signals dynamically the activation and
deactivation of LI for specific UEs. In both the RAN-based and
UE-based distributed content functionality, it is feasible to use
the described inband-signalling in the downlink. This means that
the main content functionality means generates an activation or
deactivation command message and distributes said command to the
distributed content functionality in the UE or in the RAN. The
messages may be encrypted to obstruct detection of the command
message and LI activity.
[0096] When UE-based distributed content functionality is used, the
above described activation procedure is enough as the distributed
content functionality remembers the LI notification activation
status. The situation is however different for RAN-based
distributed content functionality. In that case, mobility in the
RAN may result in a new distributed content functionality instance
being allocated for the UE. This new, second instance will also
need to know the LI notification activation status. This can be
achieved by RAN-level signalling between the distributed content
functionality means in the different instances, such as part of
handover preparation related signalling. Another option is that one
first distributed content means in a first instance informs the
main content functionality means about the mobility allowing said
main content functionality means to inform one second distributed
content means in the second instance about the current LI
notification activation status. The above described embodiments of
main content functionality in the first node and distributed
content functionality in a UE or node of a RAN may be implemented
in digital electronically circuitry, or in computer hardware,
firmware, software, or in combinations of them. Means, devices, and
apparatuses may be implemented in a computer program product
tangibly embodied in a machine readable storage device for
execution by a programmable processor; and method steps may be
performed by a programmable processor executing a program of
instructions to perform functions of the invention by operating on
input data and generating output.
[0097] The embodiments may advantageously be implemented in one or
more computer programs that are executable on a programmable system
including at least one programmable processor coupled to receive
data and instructions from, and to transmit data and instructions
to, a data storage system, at least one input device, and at least
one output device. Each computer program may be implemented in a
high-level procedural or object-oriented programming language or in
assembly or machine language if desired; and in any case, the
language may be a compiled or interpreted language. It is
understood that any storage unit may comprise a different number of
storage areas, and the illustrated number of data storage areas
only is for illustrative purposes. One or several of the data
storage areas may be physically separated from the other data
storage areas, or may reside on the same physical media.
[0098] Generally, a processor will receive instructions and data
from a read-only memory and/or a random access memory. Storage
devices suitable for tangibly embodying computer program
instructions and data include all forms of non-volatile memory,
including by way of example semiconductor memory devices, such as
EPROM (erasable programmable read only memory), EEPROM
(electrically erasable programmable read only memory), and flash
memory devices; magnetic disks such internal hard disks and
removable disks; magneto-optical disks; and CD-ROM (Compact Disc
Read-Only Memory) disks. Any of the foregoing may be supplemented
by, or incorporated in, specially--designed ASICs (Application
Specific Integrated Circuits).
[0099] Thus, the herein above described method and embodiments of
the method may be implemented and provided as a computer program
comprising computer program code which, when run in a processor of
a system, causes the system to perform the method steps of said
method and embodiments.
[0100] Further, it may be provided a computer program product
comprising a computer program for implementing the above described
method and embodiments of the method and a computer readable means
on which the computer program is stored.
[0101] FIG. 7 is a block diagram illustrating embodiments of a main
content functionality means, a distributed content means in a RAN
and a distributed content means in a UE.
[0102] A main content functionality means 132 is located in a node
130 of a communication network 120, e.g. a Core Network CN. Said
node 130 is herein denoted as first node. Said means 132 is
implemented to support the execution and running of a method and
embodiments thereof as described above in relation to FIG. 3.
[0103] The first node 130 and main content functionality means,
mcfm, 132 are connected to a LI system 110. Said main content
functionality means 132 is adapted to receive via a connected
associated communication interface 138 a LI notification message.
Said LI notification message indicates which service related
content that has been used by a user equipment, UE, 170. The
service related content has been pre-stored or cached in a memory
storage, Sto, 175 in a wireless User Equipment, UE, 170 or a
storage, Sto, 165 in the RAN 160. The main content functionality
means 132 is further adapted for processing the received LI
notification message for identifying the service related content.
The main content functionality means 132 is further adapted for
sending the identified service related content to the LI system 110
as Content of Communication, CC, together with Intercept Related
Information, IRI, to the LI system over the interfaces X2 and
X3.
[0104] According to one embodiment of the main content
functionality means 132, said means 132 is configured to process
and handle LI notification messages comprising content
identification information of the service related content, UE
identification information and, optionally, time when the service
related content was used. An alternative embodiment is also
disclosed wherein the main content functionality means 132 is
configured to handle and process LI notification messages
comprising a copy of the service related content, UE identification
information and, optionally, time when the service related content
was used. According to some embodiments, the main content
functionality means 132 is configured to handle and process LI
notification messages comprising an authentication header and/or a
secure hash.
[0105] If the LI notification message comprises content
identification information of the service related content and UE
identification information, said information is used for retrieving
the corresponding content from a storage, main content storage 135,
in the first node 130 or from a storage, main content storage 135,
associated and/or connectable from said first node 130. When the
service related content is identified and retrieved, the first node
sends the service related content, UE information and, optionally,
time information, when the content was used, to the LI system via
the X2 and X3 interfaces.
[0106] The main content functionality means 132 and its associated
communication interface 138 may according to one embodiment be
adapted to receive and handle LI notification messages via a secure
link 180 separated from the regular transmission links in the
communications network 120, in this example illustrated as a link
via interfaces (S)Gi, S5 and S1-U via the PGW 140 and SGW 150.
[0107] FIG. 7 also shows a distributed content means, dcm, 162 in a
Radio Access Network 160. The means 162 is configured to enable and
support Lawful Interception, when the distributed content is cached
in a storage or cache memory 165 in the RAN 160, e.g. in a node 161
such as a base station eNB. Said means 162 is implemented to
support the execution and running of the method and embodiments
thereof as described above in relation to FIG. 4.
[0108] The distributed content means 162 may be adapted to receive
a service alert message from a wireless UE 170 via an associated
connected transceiver 167. The distributed content means 162 is
adapted to receive a service alert message from a wireless UE 170
and to generate a LI notification message by means of the service
alert message, such as the information and/or data inserted in the
service alert message. The distributed content means 162 may be
adapted to send via an associated communication interface 163 the
LI notification message towards an addressed first node 130 of a
communications network, e.g. a core network 120.
[0109] According to one embodiment of the distributed content means
162, said means 162 is configured to generate and handle LI
notification messages comprising content identification information
of the service related content, UE identification information and,
optionally, time when the service related content was used. An
alternative embodiment is also disclosed wherein the means 162 is
configured to generate and handle LI notification messages
comprising a copy of the service related content, UE identification
information and, optionally, time when the service related content
was used. According to some embodiments, the distributed content
means 162 is configured to generate and handle LI notification
messages comprising an authentication header and/or a secure
hash.
[0110] In further one embodiment the distributed content means 162
and its associated transceiver may be adapted to send LI
notification messages via bearers associated with the U E.
[0111] According to an alternative embodiment, the distributed
content means 162 and its associated transceiver may be adapted to
send LI notification messages via a link separated from bearers
associated with the UE.
[0112] In further one embodiment the distributed content means 162,
the means 162 is adapted to receive and process service alert
messages comprising information that a specified service related
content, cached or pre-stored in the sending wireless UE, is used
by the UE 170.
[0113] According to further one embodiment, the distributed content
means 162 is adapted to receive and process service alert messages,
wherein the service alert message comprises a request for a
specified service related content cached or pre-stored in the RAN.
The distributed content means 162 may therefore adapted to send via
the transceiver 167 the specified service related content to the
requesting wireless UE 170.
[0114] FIG. 7 also shows a distributed content means 172 in a
wireless UE 170. Said means 172 is implemented to support the
execution and running of the methods and embodiments thereof as
described above in relation to FIGS. 5 and 6.
[0115] The distributed content means 172 is configured to generate
a service alert message, when a service related content is to be
used. The distributed content means 172 is further adapted to send
via a connected, associated transceiver 174 the service alert
message towards an access point or access node 161, e.g. a base
station eNB of a Radio Access Network 160.
[0116] According to one embodiment, the distributed content means
172 is configured to generate and handle service alert messages
comprising information that specified service related content,
cached or pre-stored in a storage or cache memory in the wireless
UE, is to be used by the UE.
[0117] According to another embodiment, the distributed content
means 172 may be configured to generate service alert messages
comprising a request for specified service related content, cached
or pre-stored in the RAN. The distributed content means 172 is
further adapted to receive via the associated and connected
transceiver 174 the specified service related content to be used in
the UE.
[0118] According to further one embodiment of a distributed content
means 172 configured to support Lawful Interception, LI, in a
wireless user equipment 170, UE. The wireless UE 170 comprises
service related content cached or pre-stored, wherein the
distributed content means 172 is configured to generate a LI
notification message, when a service related content is to be used
by the UE. The distributed content means is adapted to send the LI
notification message via an associated and connected a transceiver
174 to a Radio Access Network 160 connected to a communication
network 120 comprising a first node 130 which is connected to the
LI system 110.
[0119] According to one embodiment of the distributed content means
172, said means 172 is configured to generate and handle LI
notification messages comprising content identification information
of the service related content, UE identification information and,
optionally, time when the service related content was used. An
alternative embodiment is also disclosed wherein the means 172 is
configured to generate and handle LI notification messages
comprising a copy of the service related content, UE identification
information and, optionally, time when the service related content
was used. According to some embodiments, the distributed content
means 172 is configured to generate and handle LI notification
messages comprising an authentication header and/or a secure
hash.
[0120] FIG. 8 is a block diagram illustrating yet other embodiments
of a main content functionality means, distributed content means in
a RAN and distributed content means in a UE.
[0121] A main content functionality means 132 in a first node 130
of a communication network 100 is illustrated in FIG. 8. Said node
and main content functionality means 132 is connected to a LI
system 110 via interfaces X1, X2 and X3. Said main content
functionality means 132 comprises a processor circuitry operative
of: [0122] receiving (S110) from a Radio Access Network, RAN, a LI
notification message indicating that service related content,
pre-stored or cached in a storage in a wireless User Equipment, UE,
or the RAN, has been used by user equipment (170), UE; [0123]
processing (S120) the LI notification message for identifying the
service related content ; [0124] sending (S130) the identified
service related content to the LI system as Content of
Communication, CC, together with Intercept Related Information,
IRI.
[0125] The main content functionality means 132 comprises the
processing circuitry involving a processor 136 and a memory 134,
and wherein said memory is containing instructions executable by
said processor. Said means 132 is implemented to support the
execution and running of a method and embodiments thereof as
described above in relation to FIG. 3. Said main content
functionality means 132 is connected to a communication interface
138 for enabling communication with other sites 140,150 in the CN
120 and the RAN 160 via interfaces, e.g. (S)Gi, S1-U, etc. The main
content functionality means 132 and its associated communication
interface 138 may according to one embodiment be adapted to receive
and handle LI notification messages via a secure link 180 separated
from the regular transmission links in the communications network
120.
[0126] Said LI notification message indicates which service related
content that has been used by a user equipment, UE, 170. The
service related content has been pre-stored or cached in a memory
storage, Sto, 175 in a wireless User Equipment, UE, 170 or a
storage, Sto, 165 in the RAN 160.
[0127] If a LI notification message comprises content
identification information of the service related content and UE
identification information, said information is used for retrieving
the corresponding content from a storage, main content storage 135,
in the first node 130 or from a storage, main content storage 135,
associated and/or connectable from said first node 130.
[0128] When the service related content is identified and
retrieved, the first node sends the service related content, UE
information and, optionally, time information, when the content was
used, to the LI system via the X2 and X3 interfaces.
[0129] According another embodiment, the processor 136 and memory
134 may involve receiving means for performing S110, processing
means for performing S120, and sending means for performing S230,
wherein said means are implemented as computer program instructions
stored in the memory 136 and executable by the processor 134.
[0130] In FIG. 8 is also an embodiment of a distributed content
means 162 in a RAN illustrated, which means 162 is configured to
support Lawful Interception. The distributed content means 162
comprises a processor circuitry operative of: [0131] receiving,
S210, a service alert message from a wireless user equipment, UE;
[0132] processing, S220, the service alert message; [0133]
generating, S230, a LI notification message by means of the service
alert message; [0134] sending, S240, the LI notification message
towards an addressed first node of a communications network.
[0135] The distributed content means 162 in the RAN comprises the
processing circuitry involving a processor 164 and a memory 166,
and wherein said memory 166 is containing instructions executable
by said processor 164. Said means 162 is implemented to support the
execution and running of a method and embodiments thereof as
described above in relation to FIG. 4.The distributed content means
162 is connected to an associated transceiver 167 for enabling
communication over the air interface LTE-Uu with the UE 170. The
distributed content means 162 is further connected to an associated
communication interface 163 for enabling communication over the
interface S1-U with the CN 120.
[0136] According another embodiment, the processor 164 and memory
166 may involve receiving means for performing S210, processing
means for performing S220, generating means for performing S230 and
sending means for performing S240, wherein said means are
implemented as computer program instructions stored in the memory
166 and executable by the processor 164.
[0137] In FIG. 8 is also an embodiment of a distributed content
means 172 illustrated, which enables and supports Lawful
Interception, LI, in a wireless user equipment, UE. The distributed
content means 172 comprises a processor circuitry operative of:
[0138] generating, S310, a service alert message, when a service
related content is to be used; [0139] sending, S320, the service
alert message towards a Radio Access Network, RAN.
[0140] When the wireless UE 170 comprises service related content,
cached or pre-stored, the processor circuitry is further operative
of: [0141] generating, S410, a LI notification message, when a
service related content is to be used; [0142] sending, S420, the LI
notification message via a Radio Access Network connected to a
communication network 120 comprising a first node 130 which is
connected to the LI system 110.
[0143] The distributed content means 172 comprises the processing
circuitry involving a processor 176 and a memory 178, and wherein
said memory 178 is containing instructions executable by said
processor 176. Said means 172 is implemented to support the
execution and running of methods and embodiments thereof as
described above in relation to FIGS. 5 and 6.The distributed
content means 172 is further connected to an associated transceiver
174 for enabling wireless communication over the air interface
LTE-Uu with the RAN 160.
[0144] According another embodiment, the processor 176 and memory
178 may involve generating means for performing S310 and/or S410,
and sending means for performing S320 and/or S420, wherein said
means are implemented as computer program instructions stored in
the memory 178 and executable by the processor 176.
[0145] The invention allows LI functionality to be supported for UE
or RAN cache or content placed far out in the network without
needing to distribute the GGSN or SGW/PGW far out in the network.
It also enables LI support without the possibility to detect this
on the transport interfaces above the RAN cache or content. The
uplink notifications, service alert message and LI notification
message, have potentially very low bandwidth and are thus very
difficult to detect compared to other solution proposals with
mirroring of content data from cache to core network and LI
function.
[0146] A number of embodiments of the present invention have been
described. It will be understood that various modifications may be
made without departing from the scope of the enclosed claims.
Therefore, other implementations could be considered to be within
the scope of the following claims.
REFERENCES
[0147] [1] 3GPP TS 33.106 "Lawful Interception requirements
(Release 12)",
[0148] [2] 3GPP TS 33.107 "Lawful interception architecture and
functions (Release 12)";
[0149] [3] 3GPP TS 33.108 "Handover interface for Lawful
Interception" (Release 12).
ABBREVIATION LIST
[0150] SGW Serving Gateway
[0151] PGW Public Data Network Gateway
[0152] PDN Public Data Network
[0153] GGSN Gateway GPRS Support Node
[0154] GPRS General Packet Radio Packet Service
[0155] SGSN Serving GPRS Support Node
[0156] 3GPP Third Generation Partnership Project
[0157] LTE Long Term Evolution
[0158] MME Mobility Management Entity
[0159] HI Handover Interface
[0160] HLR Home Location Register
[0161] HSS Home Subscriber Server
[0162] LI Lawful Intercept(-ion)
[0163] RAN Radio Access Network
[0164] DF Delivery Function
[0165] MF Mediation Function
[0166] LEMF Law Enforcement Monitoring Facility
[0167] ADMF Administration Function
[0168] EPC Evolved Packet Core
[0169] CN Core Network
[0170] MBMS Multimedia Broadcast Multicast Services
[0171] IMSI International Mobile Subscriber Identity
[0172] MSISDN Mobile Station Intedrated Services Digital
Network
[0173] IMEI International Mobile Equipment identity
[0174] IP Internet Protocol
[0175] eNB base station in LTE system
[0176] RNC Radio Network Controller
[0177] UTRAN Universal Terrestrial Radio Access Network
[0178] BSC Base Station Controller
[0179] GERAN GSM EDGE Radio Access Network
[0180] TMSI Temporary Mobile Subscriber identity
[0181] APN Access Point Name
* * * * *